DOCSLIB.ORG

Some Insights Into the Development of Cryptocurrencies

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Some Insights Into the Development of Cryptocurrencies A Service of Leibniz-Informationszentrum econstor Wirtschaft Leibniz Information Centre Make Your Publications Visible. zbw for Economics Hanl, Andreas Working Paper Some insights into the development of cryptocurrencies MAGKS Joint Discussion Paper Series in Economics, No. 04-2018 Provided in Cooperation with: Faculty of Business Administration and Economics, University of Marburg Suggested Citation: Hanl, Andreas (2018) : Some insights into the development of cryptocurrencies, MAGKS Joint Discussion Paper Series in Economics, No. 04-2018, Philipps- University Marburg, School of Business and Economics, Marburg This Version is available at: http://hdl.handle.net/10419/175855 Standard-Nutzungsbedingungen: Terms of use: Die Dokumente auf EconStor dürfen zu eigenen wissenschaftlichen Documents in EconStor may be saved and copied for your Zwecken und zum Privatgebrauch gespeichert und kopiert werden. personal and scholarly purposes. Sie dürfen die Dokumente nicht für öffentliche oder kommerzielle You are not to copy documents for public or commercial Zwecke vervielfältigen, öffentlich ausstellen, öffentlich zugänglich purposes, to exhibit the documents publicly, to make them machen, vertreiben oder anderweitig nutzen. publicly available on the internet, or to distribute or otherwise use the documents in public. Sofern die Verfasser die Dokumente unter Open-Content-Lizenzen (insbesondere CC-Lizenzen) zur Verfügung gestellt haben sollten, If the documents have been made available under an Open gelten abweichend von diesen Nutzungsbedingungen die in der dort Content Licence (especially Creative Commons Licences), you genannten Lizenz gewährten Nutzungsrechte. may exercise further usage rights as specified in the indicated licence. www.econstor.eu Joint Discussion Paper Series in Economics by the Universities of Aachen ∙ Gießen ∙ Göttingen Kassel ∙ Marburg ∙ Siegen ISSN 1867-3678 No. 04-2018 Andreas Hanl Some Insights into the Development of Cryptocurrencies This paper can be downloaded from http://www.uni-marburg.de/fb02/makro/forschung/magkspapers Coordination: Bernd Hayo • Philipps-University Marburg School of Business and Economics • Universitätsstraße 24, D-35032 Marburg Tel: +49-6421-2823091, Fax: +49-6421-2823088, e-mail: [email protected] Some Insights into the Development of Cryptocurrencies∗ Andreas Hanly February 5, 2018 Abstract Cryptocurrencies such as Bitcoin might revolutionize the economy through enabling peer-to-peer based transactions by abolishing the need for a trusted intermediary. As for now, Bitcoin remains to be the best recognized cryp- tocurrency, in particular in terms of market capitalization. However, as this paper shows, there are plenty of alternatives. This paper outlines the histor- ical roots which have led to the creation of privately emitted, cryptography based digital currencies. Additionally, this paper discusses future possible hurdles of the development of cryptocurrencies and outlines features which might influence the success of a cryptocurrency. Insights into the beginning of cryptocurrency development are gained by analysis of the publicly avail- able DOACC dataset. The paper does so by providing an overview of the techniques and mechanisms used by cryptocurrencies. It shows that newly created cryptocurrencies tend to be very similar in some properties in the early stages but new features and more diversity developed in more recent years. Additionally, newly created cryptocurrencies tend more and more to create a fixed number of coins before the initial announcement in order to sell these in Initial Coin Offerings. Even when the amount of premining increases over years, it remains at lower levels on the aggregate. Keywords: Cryptocurrency; Bitcoin; Blockchain, Cryptography; Digital Money; E-Money JEL Codes: E40, E42 ∗This paper has benefited from comments by and discussions with Walter Blocher, Alexander G¨unther, Philipp Kirchner and Jochen Michaelis. The work on this project was supported by a PhD-scholarship provided by the University of Kassel. yDepartment of Economics, University of Kassel, Nora-Platiel-Str. 4, 34109 Kassel, Germany; E-mail: [email protected]. 1 Introduction For ages and ages, money has in most cases been a centralized system, mostly state- issued. Even though electronic payments got more important in the last decades (Bagnall et al. 2016), money remained under a centralized governmental control. However, the last financial crisis of 2007ff. has not only shown a loss of trust in these central institutions, it has also given rise to \cryptocurrencies" | the best known being typically Bitcoin. The idea of Nakamoto (2008) was to provide a system where agents could conduct payments without the need for trust in other parties. The (still) unknown founder(s) of Bitcoin enable this by the creation of the \blockchain" which is ultimately an implementation of the distributed ledger technology. By the combination of cryptographic methods and concepts which have been known in computer science for years (Narayanan and Clark 2017), Nakamoto (2008) has solved the problem of double spending without the need for a trusted third party. With this technology, it would no longer be a necessary condition to trust in an institution which would have the ultimate power to destroy the system. Indeed, this motive also becomes clear from Bitcoin's \Genesis Block" which includes the text \The Times 03/Jan/2009 Chancellor on brink of second bailout for banks", possibly showing Nakamoto's aversion against traditional central intermediaries. Moreover, this aversion against central intermediaries might have motivated Bitcoin's reliance on a maximum number of coins | thereby offering a protection against inflationary tendencies which, historically, have set an end to so many currencies. Hundreds of alternatives, so called \altcoins", have joined Bitcoin which still remains to be the most important one in terms of market value, market capital- ization, daily transactions and business acceptance (Sapuric et al. 2017). Table 1 shows some estimates of the number of cryptocurrencies being present. Tarasiewicz and Newman (2015) find that by August 2014 more than 1,500 concepts based on Bitcoin have been discussed, and on GitHub more than 4,000 Bitcoin forks existed. Currently, there are more than 14,000 forks of the Bitcoin source code on this plat- form. Even if GitHub is not the only platform in charge for the launch of a new cryptocurrency, it has been an important player in the early stage development. In that sense, the GitHub figure might be understood as some upper limit as not every fork will result in a new proposal of a cryptocurrency. When it comes to exchange markets, Coinmarketcap.com now lists more than 900 cryptocurrencies whereas about 440 of them have a market capitalization of more than one million US-dollars. However, market volumes reveal that the cryptocurrencies | even in total | only have little impact on the economies so far. In comparison to nar- row money measures, the ecosphere of cryptocurrencies accounts for only some per mill of the \traditional" money. Moreover, a large number of cryptocurrencies has market values which are pretty small, so that the number of cryptocurrencies to be taken seriously is reasonably smaller. These numbers clearly reveal that there must be a huge amount of cryptocurrencies which did not succeed on the market. This includes a number of scam-coins intended to only benefit their creators (Tarasiewicz and Newman 2015). The Description of a Cryptocurrency (DOACC) dataset was built around cryptocurrency announcement postings on the bitcointalk forum, the traditional way of announcing of a new cryptocurrency in the early stages of the 1 Table 1: Estimates about the size of the cryptocurrency ecosystem (as of January 11, 2018) Source Estimated size Coinmarketcap.com 903 Tarasiewicz and Newman (2015) (Bit- >1,500 cointalk, 8/2014) DOACC 2,896 Tarasiewicz and Newman (2015) 4,096 (GitHub, 8/2014) Cryptocoincharts.info 4,552 GitHub 14,528 ecosphere (Tarasiewicz and Newman 2015). With its coverage being between the exchange platform figure and the number of GitHub forks, it plausibly reflects the number of cryptocurrency proposals of the early stage development. However, it should be noted that the DOACC number might overestimate the true number of cryptocurrencies being in circulation by the end of 2016 as some concepts have not reached the market or already dropped out of it. In this paper, I present some descriptives on how the cryptocurrencies developed, what was common in the past, and what is common more recently. To do this, I use the DOACC dataset which covers 2,896 different cryptocurrency announcements up to September 2016. I track the development of consensus-schemes and hash- algorithms, of confirmation times and premining shares. On top of that, the paper provides brief explanations of the underlying technical concepts. Further, it shows the hurdles which occurred in the past and how new cryptocurrencies proposals take existing weaknesses into account. The paper proceeds as follows. Section 2 gives an overview on the historical back- ground of the cryptocurrencies, develops a definition of what can be understood as a cryptocurrency and further, it outlines hurdles for the future development. Section 3 analyzes the cryptocurrency ecosphere using the DOACC dataset. It provides descriptives on the development regarding the number of announcements, consensus schemes, cryptographic algorithms, block and confirmation times and premining. Additionally, section
Load more

Recommended publications
  • Auditing Wallets in Cryptonote
    Auditing wallets in CryptoNote sowle <[email protected]> ​ ​ Zano project, https://zano.org ​ Cryptocurrency wallet auditing is the ability for a third party (the "auditor") to watch the transactions and to be able to calculate the correct balance without an ability to spend a coin. This article explores several possible implementations of expansion cryptocurrency protocol CryptoNote 2.0 [1] with such ability. In the original CryptoNote protocol auditing is only partially possible with the help of the tracking ​ ​ key, namely, an auditor is able to distinguish incoming transactions in the blockchain, but the full set of secret keys is required to filter out outgoing transactions. This article is intended for readers familiar with the general blockchain technology and “classic” cryptocurrencies, as well as with the basics of cryptography on elliptic curves. 1. Introduction What is CryptoNote? Surprisingly, most people interested in blockchain technology have never heard anything about CryptoNote, in spite of the fact that the technology has more than 300 forks, including Monero as the most famous. Back in 2014 in the cryptocurrency community there were mentions [2] about a project, titled Bytecoin. That project did not originate as a Bitcoin or other known project fork, having its own original codebase. It was very unusual at the time. Bytecoin general conception was to be an implementation of a privacy-technology named CryptoNote. There were two main privacy mechanisms: stealth-addresses and inputs` mixing-in with the ​ ​ help of ring signatures (at the time it was called "blockchain mixer"). Since Zcash existed only on paper / in theory at that time, CryptoNote became a competitive technology and has provoked much controversy in the cryptocurrency community.
    [Show full text]
  • Realizing the Potential of Blockchain Technologies in Genomics
    Downloaded from genome.cshlp.org on September 29, 2021 - Published by Cold Spring Harbor Laboratory Press Perspective Realizing the potential of blockchain technologies in genomics Halil Ibrahim Ozercan,1 Atalay Mert Ileri,2 Erman Ayday,1 and Can Alkan1 1Department of Computer Engineering, Bilkent University, Ankara 06800, Turkey; 2Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, Massachusetts 02139, USA Genomics data introduce a substantial computational burden as well as data privacy and ownership issues. Data sets generated by high-throughput sequencing platforms require immense amounts of computational resources to align to reference ge- nomes and to call and annotate genomic variants. This problem is even more pronounced if reanalysis is needed for new ver- sions of reference genomes, which may impose high loads to existing computational infrastructures. Additionally, after the compute-intensive analyses are completed, the results are either kept in centralized repositories with access control, or dis- tributed among stakeholders using standard file transfer protocols. This imposes two main problems: (1) Centralized servers become gatekeepers of the data, essentially acting as an unnecessary mediator between the actual data owners and data users; and (2) servers may create single points of failure both in terms of service availability and data privacy. Therefore, there is a need for secure and decentralized platforms for data distribution with user-level data governance. A new technology, block- chain, may help ameliorate some of these problems. In broad terms, the blockchain technology enables decentralized, im- mutable, incorruptible public ledgers. In this Perspective, we aim to introduce current developments toward using blockchain to address several problems in omics, and to provide an outlook of possible future implications of the blockchain technology to life sciences.
    [Show full text]
  • YEUNG-DOCUMENT-2019.Pdf (478.1Kb)
    Useful Computation on the Block Chain The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citation Yeung, Fuk. 2019. Useful Computation on the Block Chain. Master's thesis, Harvard Extension School. Citable link https://nrs.harvard.edu/URN-3:HUL.INSTREPOS:37364565 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Other Posted Material, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#LAA 111 Useful Computation on the Block Chain Fuk Yeung A Thesis in the Field of Information Technology for the Degree of Master of Liberal Arts in Extension Studies Harvard University November 2019 Copyright 2019 [Fuk Yeung] Abstract The recent growth of blockchain technology and its usage has increased the size of cryptocurrency networks. However, this increase has come at the cost of high energy consumption due to the processing power needed to maintain large cryptocurrency networks. In the largest networks, this processing power is attributed to wasted computations centered around solving a Proof of Work algorithm. There have been several attempts to address this problem and it is an area of continuing improvement. We will present a summary of proposed solutions as well as an in-depth look at a promising alternative algorithm known as Proof of Useful Work. This solution will redirect wasted computation towards useful work. We will show that this is a viable alternative to Proof of Work. Dedication Thank you to everyone who has supported me throughout the process of writing this piece.
    [Show full text]
  • Chia Proof of Space Construction
    Chia Proof of Space Construction Introduction In order to create a secure blockchain consensus algorithm using disk space, a Proof of Space is scheme is necessary. This document describes a practical contruction of Proofs of Space, based on Beyond Hellman’s Time- Memory Trade-Offs with Applications to Proofs of Space [1]. We use the techniques laid out in that paper, extend it from 2 to 7 tables, and tweak it to make it efficient and secure, for use in the Chia Blockchain. The document is divided into three main sections: What (mathematical definition of a proof of space), How (how to implement proof of space), and Why (motivation and explanation of the construction) sections. The Beyond Hellman paper can be read first for more mathematical background. Chia Proof of Space Construction Introduction What is Proof of Space? Definitions Proof format Proof Quality String Definition of parameters, and M, f, A, C functions: Parameters: f functions: Matching function M: A′ function: At function: Collation function C: How do we implement Proof of Space? Plotting Plotting Tables (Concepts) Tables Table Positions Compressing Entry Data Delta Format ANS Encoding of Delta Formatted Points Stub and Small Deltas Parks Checkpoint Tables Plotting Algorithm Final Disk Format Full algorithm Phase 1: Forward Propagation Phase 2: Backpropagation Phase 3: Compression Phase 4: Checkpoints Sort on Disk Plotting Performance Space Required Proving Proof ordering vs Plot ordering Proof Retrieval Quality String Retrieval Proving Performance Verification Construction
    [Show full text]
  • Characterizing Ethereum's Mining Power Decentralization at a Deeper
    Characterizing Ethereum’s Mining Power Decentralization at a Deeper Level Liyi Zeng∗§, Yang Chen†§, Shuo Chen†, Xian Zhang†, Zhongxin Guo†, Wei Xu∗, Thomas Moscibroda‡ ∗Institute for Interdisciplinary Information Sciences, Tsinghua University †Microsoft Research ‡Microsoft Azure §Contacts: [email protected], [email protected] Abstract—For proof-of-work blockchains such as Ethereum, than 50% of the total power has grown from several the mining power decentralization is an important discussion hundred to several thousand. Overall, the power is more point in the community. Previous studies mostly focus on the decentralized at the participant level than 4 years ago. aggregated power of the mining pools, neglecting the pool participants who are the source of the pools’ power. In this paper, However, we also find that this number varied signif- we present the first large-scale study of the pool participants icantly over time, which means it requires continuous in Ethereum’s mining pools. Pool participants are not directly tracking. Additionally, as our current data and method- observable because they communicate with their pools via private ology cannot de-anonymize the participants, it’s possible channels. However, they leave “footprints” on chain as they that some participants split themselves into many smaller use Ethereum accounts to anonymously receive rewards from mining pools. For this study, we combine several data sources ones for various reasons, which could make our estima- to identify 62,358,646 pool reward transactions sent by 47 tion inaccurate if not completely off the target. Further pools to their participants over Ethereum’s entire near 5-year study to improve the estimation accuracy is important.
    [Show full text]
  • Crypto Research Report ‒ April 2019 Edition
    April 2019 Edition VI. “When the Tide Goes Out…” Investments: Gold and Bitcoin, Stronger Together Technical Analysis: Spring Awakening? Cryptocurrency Mining in Theory and Practice Demelza Kelso Hays Mark J. Valek We would like to express our profound gratitude to our premium partners for supporting the Crypto Research Report: www.cryptofunds.li Contents Editorial ............................................................................................................................................... 4 In Case You Were Sleeping: When the Tide Goes Out…............................................................... 5 Back to the Roots ............................................................................................................................................. 6 How Long Will This Bear Market Last .............................................................................................................. 7 A Tragic Story Traverses the World ................................................................................................................. 9 When the tide goes out… ............................................................................................................................... 10 A State Cryptocurrency? ................................................................................................................................ 12 Support is Increasing ..................................................................................................................................... 14
    [Show full text]
  • IPFS and Friends: a Qualitative Comparison of Next Generation Peer-To-Peer Data Networks Erik Daniel and Florian Tschorsch
    1 IPFS and Friends: A Qualitative Comparison of Next Generation Peer-to-Peer Data Networks Erik Daniel and Florian Tschorsch Abstract—Decentralized, distributed storage offers a way to types of files [1]. Napster and Gnutella marked the beginning reduce the impact of data silos as often fostered by centralized and were followed by many other P2P networks focusing on cloud storage. While the intentions of this trend are not new, the specialized application areas or novel network structures. For topic gained traction due to technological advancements, most notably blockchain networks. As a consequence, we observe that example, Freenet [2] realizes anonymous storage and retrieval. a new generation of peer-to-peer data networks emerges. In this Chord [3], CAN [4], and Pastry [5] provide protocols to survey paper, we therefore provide a technical overview of the maintain a structured overlay network topology. In particular, next generation data networks. We use select data networks to BitTorrent [6] received a lot of attention from both users and introduce general concepts and to emphasize new developments. the research community. BitTorrent introduced an incentive Specifically, we provide a deeper outline of the Interplanetary File System and a general overview of Swarm, the Hypercore Pro- mechanism to achieve Pareto efficiency, trying to improve tocol, SAFE, Storj, and Arweave. We identify common building network utilization achieving a higher level of robustness. We blocks and provide a qualitative comparison. From the overview, consider networks such as Napster, Gnutella, Freenet, BitTor- we derive future challenges and research goals concerning data rent, and many more as first generation P2P data networks, networks.
    [Show full text]
  • Dani Brunstein Intel Israel November 2014 Agenda
    Dani Brunstein Intel Israel November 2014 Agenda Mutual Introduction, Target and Disclaimer Quick intro on cryptocurrencies and Bitcoin Rate of global acceptance Understanding the Why Disruptive Market On purpose: The technology behind First overview Bitcoin in Israel and the Academy then technicalities Friendly directives • This is a non technical, mostly an informative presentation • Lots to cover – feel free to ask, but we will take discussions offline Quick Intro Dani Brunstein, MSc in Comp. Science, Technion Software Engineer at Microprocessor Design Automation in Intel Israel mailto: [email protected] Special thanks to • Kosta Zertsekel - organizer of the Haifa Meetup Group (actual hands-on experience with bitcoin code) • Shaul Kfir – Bits of Gold • Dr. Orna Agmon Ben-Yehuda - Haifux organizer • Prof. Eli Ben-Sasson – Technion CryptoCurrency research How many of you “know anything on Bitcoins” ? How many of you own Bitcoins ? Target and Disclaimer Target 1. Educate you 2. Getting you excited and involved Disclaimer I am NOT advising you ANYTHING! I am NOT representing any company or group This lecture is given without warranty. The author makes no representation or warranty, either express or implied, with respect to the content, its quality, accuracy or fitness. Therefore the author shell have no liability with respect to any loss, or damage caused directly or indirectly by this lecture. What are Crypto Currencies ? Bitcoin is the first practical solution for peer-to-peer ownership transfer with no trusted third party involved
    [Show full text]
  • Asymmetric Proof-Of-Work Based on the Generalized Birthday Problem
    Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg University of Luxembourg [email protected] [email protected] Abstract—The proof-of-work is a central concept in modern Long before the rise of Bitcoin it was realized [20] that cryptocurrencies and denial-of-service protection tools, but the the dedicated hardware can produce a proof-of-work much requirement for fast verification so far made it an easy prey for faster and cheaper than a regular desktop or laptop. Thus the GPU-, ASIC-, and botnet-equipped users. The attempts to rely on users equipped with such hardware have an advantage over memory-intensive computations in order to remedy the disparity others, which eventually led the Bitcoin mining to concentrate between architectures have resulted in slow or broken schemes. in a few hardware farms of enormous size and high electricity In this paper we solve this open problem and show how to consumption. An advantage of the same order of magnitude construct an asymmetric proof-of-work (PoW) based on a compu- is given to “owners” of large botnets, which nowadays often tationally hard problem, which requires a lot of memory to gen- accommodate hundreds of thousands of machines. For prac- erate a proof (called ”memory-hardness” feature) but is instant tical DoS protection, this means that the early TLS puzzle to verify. Our primary proposal Equihash is a PoW based on the schemes [8], [17] are no longer effective against the most generalized birthday problem and enhanced Wagner’s algorithm powerful adversaries.
    [Show full text]
  • Vulnerability of Blockchain Technologies to Quantum Attacks
    Vulnerability of Blockchain Technologies to Quantum Attacks Joseph J. Kearneya, Carlos A. Perez-Delgado a,∗ aSchool of Computing, University of Kent, Canterbury, Kent CT2 7NF United Kingdom Abstract Quantum computation represents a threat to many cryptographic protocols in operation today. It has been estimated that by 2035, there will exist a quantum computer capable of breaking the vital cryptographic scheme RSA2048. Blockchain technologies rely on cryptographic protocols for many of their essential sub- routines. Some of these protocols, but not all, are open to quantum attacks. Here we analyze the major blockchain-based cryptocurrencies deployed today—including Bitcoin, Ethereum, Litecoin and ZCash, and determine their risk exposure to quantum attacks. We finish with a comparative analysis of the studied cryptocurrencies and their underlying blockchain technologies and their relative levels of vulnerability to quantum attacks. Introduction exist to allow the legitimate owner to recover this account. Blockchain systems are unlike other cryptosys- tems in that they are not just meant to protect an By contrast, in a blockchain system, there is no information asset. A blockchain is a ledger, and as central authority to manage users’ access keys. The such it is the asset. owner of a resource is by definition the one hold- A blockchain is secured through the use of cryp- ing the private encryption keys. There are no of- tographic techniques. Notably, asymmetric encryp- fline backups. The blockchain, an always online tion schemes such as RSA or Elliptic Curve (EC) cryptographic system, is considered the resource— cryptography are used to generate private/public or at least the authoritative description of it.
    [Show full text]
  • Piecework: Generalized Outsourcing Control for Proofs of Work
    (Short Paper): PieceWork: Generalized Outsourcing Control for Proofs of Work Philip Daian1, Ittay Eyal1, Ari Juels2, and Emin G¨unSirer1 1 Department of Computer Science, Cornell University, [email protected],[email protected],[email protected] 2 Jacobs Technion-Cornell Institute, Cornell Tech [email protected] Abstract. Most prominent cryptocurrencies utilize proof of work (PoW) to secure their operation, yet PoW suffers from two key undesirable prop- erties. First, the work done is generally wasted, not useful for anything but the gleaned security of the cryptocurrency. Second, PoW is natu- rally outsourceable, leading to inegalitarian concentration of power in the hands of few so-called pools that command large portions of the system's computation power. We introduce a general approach to constructing PoW called PieceWork that tackles both issues. In essence, PieceWork allows for a configurable fraction of PoW computation to be outsourced to workers. Its controlled outsourcing allows for reusing the work towards additional goals such as spam prevention and DoS mitigation, thereby reducing PoW waste. Meanwhile, PieceWork can be tuned to prevent excessive outsourcing. Doing so causes pool operation to be significantly more costly than today. This disincentivizes aggregation of work in mining pools. 1 Introduction Distributed cryptocurrencies such as Bitcoin [18] rely on the equivalence \com- putation = money." To generate a batch of coins, clients in a distributed cryp- tocurrency system perform an operation called mining. Mining requires solving a computationally intensive problem involving repeated cryptographic hashing. Such problem and its solution is called a Proof of Work (PoW) [11]. As currently designed, nearly all PoWs suffer from one of two drawbacks (or both, as in Bitcoin).
    [Show full text]
  • Alternative Mining Puzzles
    Cryptocurrency Technologies Alternative Mining Puzzles Alternative Mining Puzzles • Essential Puzzle Requirements • ASIC-Resistant Puzzles • Proof-of-Useful-Work • Non-outsourceable Puzzles • Proof-of-Stake “Virtual Mining” Puzzles (recap) Incentive system steers participants Basic features of Bitcoin’s puzzle The puzzle is difficult to solve, so attacks are costly … but not too hard, so honest miners are compensated Q: What other features could a puzzle have? 1 Cryptocurrency Technologies Alternative Mining Puzzles On today’s menu . Alternative puzzle designs Used in practice, and speculative Variety of possible goals ASIC resistance, pool resistance, intrinsic benefits, etc. Essential security requirements Alternative Mining Puzzles • Essential Puzzle Requirements • ASIC-Resistant Puzzles • Proof-of-Useful-Work • Non-outsourceable Puzzles • Proof-of-Stake “Virtual Mining” 2 Cryptocurrency Technologies Alternative Mining Puzzles Puzzle Requirements A puzzle should ... – be cheap to verify – have adjustable difficulty – <other requirements> – have a chance of winning that is proportional to hashpower • Large player get only proportional advantage • Even small players get proportional compensation Bad Puzzle: a sequential Puzzle Consider a puzzle that takes N steps to solve a “Sequential” Proof of Work N Solution Found! 3 Cryptocurrency Technologies Alternative Mining Puzzles Bad Puzzle: a sequential Puzzle Problem: fastest miner always wins the race! Solution Found! Good Puzzle => Weighted Sample This property is sometimes called progress free. 4 Cryptocurrency Technologies Alternative Mining Puzzles Alternative Mining Puzzles • Essential Puzzle Requirements • ASIC-Resistant Puzzles • Proof-of-Useful-Work • Non-outsourceable Puzzles • Proof-of-Stake “Virtual Mining” ASIC Resistance – Why?! Goal: Ordinary people with idle laptops, PCs, or even mobile phones can mine! Lower barrier to entry! Approach: Reduce the gap between custom hardware and general purpose equipment.
    [Show full text]